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DETAILED ACTION 

Response to Amendment 

This office action is in response to arguments filed on February 03, 2006. Original 
application contained Claims 1-20. Applicant previously added Claim 21-26. Applicant 
previously amended Claims 1,5-7, 9-14,16, 21-22, and cancelled Claims 2-4, 8, 15, and 25-26. 
Applicant currently amended Claims 5-7, 9-10, 12, 14, 23-24, and cancelled Claims 1,11,13, 
and 21. The amendment filed have been entered and made of record. Presently pending claims 
are 5-7,9-10, 12, 14, 16-20, and 23-24. 

Information Disclosure Statement 
The information disclosure statement filed August 10, 2005 is acknowledged and 
considered accordingly. 

Response to Arguments 
Applicant's arguments with respect to rejected claims have been considered but are moot 
in view of the new ground(s) of rejection. The indicated allowability of claims 16-20 is 
withdrawn in view of the newly discovered reference(s) to Mead et al. Rejections based on the 
newly cited reference(s) follow. 
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Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21 (2) of such treaty in the English language. 

1. Claims 5,7, 9-10,12, 14, 16-18, 20, and 23-34 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Mead et al U.S. Patent No. 6,680,942 ('Mead hereinafter). 

2. Regarding claim 5, Mead teaches and describes 

a directory-enabled network element, comprising: a directory enabling element installed 
in and executed by the network element, wherein the network element is anyone of a packet 
router and a data switch capable of manipulating Packets at any of Open System Interconnection 
(OSI) Layer 2 and 3, wherein the directory enabling element is configured to query, access, and 
update directory information that is managed by a directory service of a network that includes 
the network element, wherein the directory service is any one of a Lightweight Directory Access 
Protocol (LDAP) directory and an X.500 directory (Fig.l, 10-11, col.20 line 59 to col.21 line 60, 
and col.21 line 66 to col. 13 line 23); 

an application programming interface coupled to the directory enabling element and 
configured to receive directory services requests from application programs and provide the 
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directory, services requests to the directory enabling element, wherein the application programs 
are hosted in the network element (Fig.l 1, col.21 line 64 to col.22 line 6); and 

a locator service coupled to the directory enabling element and accessible using the 
application programming interface and configured to enable the application programs to locate 
servers that provide the directory services in the network (coo. 15 line 33 to line 67), and 

a bind service in the directory enabling element and coupled to a security protocol and 
configured to bind an external application program to the security protocol (Fig.l 1, col.l71ine 25 
to line 47). 

3. Regarding claim 7, Mead teaches and describes 

a directory-enabled network element, comprising: a directory enabling element installed 
in and executed by the network element, wherein the network element is anyone of a packet 
router and a data switch capable of manipulating Packets at any of Open System Interconnection 
(OSI) Layer 2 and 3, wherein the directory enabling element is configured to query, access, and 
update directory information that is managed by a directory service of a network that includes 
the network element, wherein the directory service is any one of a Lightweight Directory Access 
Protocol (LDAP) directory and an X.500 directory (Fig.l, 10-11, col.20 line 59 to col.21 line 60, 
and col.21 line 66 to col. 13 line 23); 

an application programming interface coupled to the directory enabling element and 
configured to receive directory services requests from application programs and provide the 
directory, services requests to the directory enabling element, wherein the application programs 
are hosted in the network element (Fig.l 1, col.21 line 64 to col.22 line 6); 
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a locator service coupled to the directory enabling element and accessible using the 
application programming interface and configured to enable the application programs to locate 
servers that provide the directory services in the network (coo. 15 line 33 to line 67), and; 

an event service coupled to the directory enabling element and configured to receive 
registration of an event and an associated responsive action from an application program, notify 
the application program when the event occurs, and execute the associated responsive action in 
response thereto (col.15 line 65 to col.16 line 10, and col.16 line 37 to col.17 line 25). 

4. Regarding claim 12, Mead teaches and describes a directory-enabled packet router for a 
packet-switched network (Fig.l, 11-12), comprising: a directory enabling element installed in 
and executed by the packet router, wherein the packet router is capable of manipulating packets 
at any of Open System Interconnection (OSI) Layer 2 and 3, wherein the directory enabling 
element is configured to query, access, and update directory information that is managed by a 
directory service of the packet-switched network, wherein the directory service is any one of a 
Lightweight Directory Access Protocol (LDAP) directory and an X.500 director (Fig.l, 10-11, 
col.20 line 59 to col.21 line 60, and col.21 line 66 to col. 13 line 23). 

a bind service in the directory enabling element and coupled to a security protocol and 
configured to bind an application program to the security protocol (Fig.l 1, col.l71ine 25 to line 
47); 

an event service coupled to the directory enabling element and accessible using the 
application programming interface and configured to receive registration of an event and an 
associated responsive action from an application program, notify the application program when 
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the even occurs, and execute the associated responsive action in response thereto (col. 15 line 65 
to col.16 line 10, and col. 16 line 37 to col.17 line 25). 



5. Regarding claim 14, Mead teaches and describes a directory-enabled network data switch 
for a packet-switched network (Fig.l, 11-12), comprising: a directory enabling element installed 
in and executed by the data switch, wherein the data switch is capable of manipulating packets at 
any of Open System Interconnection (OSI) Layer 2 and 3, wherein the directory enabling 
element is configured to query, access, and update directory information that is managed by a 
directory service of the packet-switched network, wherein the directory service is any one of a 
Lightweight Directory Access Protocol (LDAP) directory and an X.500 directory (Fig.l, 10-11, 
col.20 line 59 to col.21 line 60, and col.21 line 66 to col.13 line 23); 

a bind service in the directory enabling element and coupled to a security protocol and 
configured to bind an application program to the security protocol (Fig.l 1, col.l71ine 25 to line 
47); 

an event service coupled to the directory enabling element and accessible using the 
application programming interface and configured to receive registration of an event and an 
associated responsive action from an application program, notify the application program when 
the event occurs, and execute the associated responsive action in response thereto (col. 15 line 65 
to col.16 line 10, and col.16 line 37 to col.17 line 25). 
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6. With respect to claim 16, Mead teach a computer-readable medium carrying one or more 
sequences of instructions for using a directory-enabled network element, wherein execution of 
the one or more sequences of instructions by one or more processors causes the one or more 
processors (Fig. 1 , 1 1-12) to perform the steps of: 

creating and storing a directory enabling element installed in and executed by the 
network element, wherein the network element is any one of a packet router and a data switch 
capable of manipulating packets at any of Open System Interconnection (OSI) Layer 2 and 3, 
wherein the directory enabling element is configured to query, access, and update directory 
information that is managed by a directory service of the a network that includes the network 
element, wherein the directory service is any one of a Lightweight Directory Access Protocol 
(LDAP) directory and an X.500 directory (Fig.l, 10-11, col.20 line 59 to col.21 line 60, and 
col.21 line 66 to col.13 line 23); 

binding the application program to a security protocol (Fig.l 1, col. 17 line 25 to line 47); 

creating an event and an associated responsive action that are associated with the 
application program (Fig.l 1, col.21 line 64 to col.22 line 6); 

in response to occurrence of the event, executing the responsive action, obtaining policy 
information from the directory service, and converting the policy information into one or more 
commands that are executable by the directory enabled network element (col. 15 line 65 to col. 16 
line 10, and col. 16 line 37 to col. 17 line 25). 



7. 



Regarding claim 23, Mead teaches and describes 
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a system comprising a network element, enabled to automatically interface with directory 
services in a network, wherein the network element (Fig.l, 1 1-12) comprises: a directory 
enabling element installed and executed by the network element, wherein the network element is 
any one of a packet router and a data switch capable of manipulating packets at any of Open 
System Interconnection (OSI) Layer 2 and 3, wherein the directory enabling element is 
configured to query, access, and update directory information that is managed by directory 
services of a network that includes the network element, wherein the directory services include at 
least one of a Lightweight Directory Access Protocol (LDAP) directory and an X.500 directory 
(Fig.l, 10-11, col.20 line 59 to col.21 line 60, and col.21 line 66 to col. 13 line 23); and 

a locator service coupled to the directory enabling element and configured to locate 
servers that provide the directory services in the network (coo. 15 line 33 to line 67). 

wherein the network element obtains policy information form the directory services and 
updates the directory service (col. 19 line 30 to col.20 line 48). 

8. Claims 9-10, 17-18, 20, and 24 are rejected applied as above rejecting claims 5, 16, and 
23. Furthermore, Mead teach and describe teach a directory-enabled network (Fig.l, 11-12) 
comprising 

As per Claim 9, a directory-enabled network (Fig.l, 11-12) comprising: 
a directory enabling element installed in and executed by the network element, and 
configured to query, access, and update directory information that is managed by a directory 
service of a network that includes the network element (Fig.l, 10-11, col.20 line 59 to col.21 line 
60, and col.21 line 66 to col. 13 line 23); 
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a locator service coupled to the directory enabling element and configured to locate 
servers that provide the directory services in the network (coo. 15 line 33 to line 67) ; 

a group policy interface coupled to the directory enabling element and configured to 
receive and update the directory service with one or more definitions of directory services 
policies that apply to groups of network devices in the network (col. 19 line 30 to col.20 line 48). 

As per Claim 10, a directory-enabled network (Fig.l, 11-12) comprising: 

a directory enabling element installed in and executed by the network element, and 

configured to query, access, and update directory information that is managed by a directory 

service of a network that includes the network element (Fig.l, 10-11, col.20 line 59 to col.21 line 

60, and col.21 line 66 to col.13 line 23); 

a bind service in the directory enabling element and coupled to a security protocol and 

configured to bind an external application program to the security protocol (Fig.l 1, col. 17 line 

25 to line 47). 

an event service coupled to the directory enabling element and accessible using the 
application programming interface and configured to receive registration of an event and an 
associated responsive action from an application program, notify the application program when 
the event occurs, and execute the associated responsive action in response thereto (col. 15 line 65 
to col.16 line 10, and col.16 line 37 to col.17 line 25). 

As per Claim 17, further performing the steps of: locating a nearest directory server and 
binding the application program to the nearest directory server that is located, and locating a 
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nearest event server and binding the application program to the nearest event server that is 
located (col.2 line 58 to col.3 line 17, and col.6 line 17 to line 46). 

As per Claim 18, furthermore, Meade teach translating the policy information into one or 
more values that are ready to apply to a router, whereby a virtual private network [network 
cloud, Fig, 1, and 1 1] is created between the router and another network device (col.21ine 58 to 
col.3 line 17). 

As per Claim 20, wherein execution of the one or more sequences of instructions by one 
or more processors causes the one or more processors to perform the further (Fig. 1 , 1 1-12) steps 
of establishing an application programming interface coupled to the directory enabling element 
and configured to receive directory services requests from application programs and provide the 
directory services requests to the one or more processors (col. 15 line 65 to col. 16 line 10, and 
col. 16 line 37 to col. 17 line 25). 

As per Claim 24, wherein the network element includes a protocol agent for interfacing 
with directory services (col.20 line 59 to col.21 line 19). 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

9. Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over Mead, U.S. Patent 

No. 6,680,942 ('Mead' hereinafter) in view of Day, II et al. U.S. Patent No. 5,968,1 16 ('Day, 

II' hereinafter). 

110. Mead teach claim 6 rejected as above in rejecting claim 1 . 

Mead does not explicitly disclose a Unicode translation service configured to query, 
access, and update directory information that is encoded in a Unicode international character 
format. 

Day, II teach a Unicode translation service configured to query, access, and update 
directory information that is encoded in a Unicode international character format (see col. 6, 
lines 13-31). 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Day, II within the system of Mead because both 
references are directed to a directory-enabled network element, and because the implementation 
of the Unicode translation service of Day, II in Mead would allow for the data within the 
directory to be effectively transported through the network without corruption, further improving 
the reliability of the directory information that is encoded in a Unicode international character 
format. 
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Claims 19 are rejected under 35 U.S.C 103(a) as being unpatentable over Mead, U.S. 
Patent No. 6,680,942 ('Mead' hereinafter) in view of Nessett et al. U.S. Patent No. 5,968,176 
('Nessett' hereinafter). 

Mead teach claim 19 rejected as above in rejecting claim 16. Mead does not explicitly 
disclose a set of internal data structures of a router and a dynamic IPSEC configuration. 

Nessett teaches translating the policy information into one or more values that are ready 
to apply to a set of internal data structures of a router, by calling one or more internal NOS API 
functions, whereby a dynamic IPSEC configuration is created that connects the router and at 
least one other network device (see col. 10, lines 24-59; col. 13, lines 51-67 to col. 14, lines 19- 
30). 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Nessett within the system of Mead to arrive at the 
invention as claimed because both references are analogous art, and the implementation of 
IPSEC configuration would not only increase the level of protection of the communication that 
occurs between the router and one other network device, but will also effectively ensure that the 
secure packet exchanges occur at the IP layer, thus further improving the security of the 
communication interface of the combined system. 



Conclusion 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed Zia whose telephone number is 571-272-3798. The 
examiner can normally be reached on 9:00 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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